From 2d13f729778a28c1784a96299bb4167023c70925 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Fri, 28 Oct 2005 18:38:04 +0000
Subject: [PATCH] take care of missing types

---
 refpolicy/policy/modules/services/mta.te | 7 +++++++
 refpolicy/policy/modules/services/ssh.te | 3 +++
 2 files changed, 10 insertions(+)

diff --git a/refpolicy/policy/modules/services/mta.te b/refpolicy/policy/modules/services/mta.te
index 7d78871a..1752cddc 100644
--- a/refpolicy/policy/modules/services/mta.te
+++ b/refpolicy/policy/modules/services/mta.te
@@ -33,6 +33,9 @@ domain_type(system_mail_t)
 domain_entry_file(system_mail_t,sendmail_exec_t)
 role system_r types system_mail_t;
 
+type system_mail_tmp_t;
+files_tmp_file(system_mail_tmp_t)
+
 # cjp: need to resolve this, but require{}
 # does not work in the else part of the optional
 #ifdef(`targeted_policy',`',`
@@ -57,6 +60,10 @@ allow system_mail_t etc_mail_t:file r_file_perms;
 can_exec(system_mail_t, sendmail_exec_t)
 allow system_mail_t sendmail_exec_t:lnk_file r_file_perms;
 
+allow system_mail_t system_mail_tmp_t:dir create_dir_perms;
+allow system_mail_t system_mail_tmp_t:file create_file_perms;
+files_create_tmp_files(system_mail_t, system_mail_tmp_t, { file dir })
+
 kernel_read_kernel_sysctl(system_mail_t)
 kernel_read_system_state(system_mail_t)
 kernel_read_network_state(system_mail_t)
diff --git a/refpolicy/policy/modules/services/ssh.te b/refpolicy/policy/modules/services/ssh.te
index 4b4f98d7..f8eac9df 100644
--- a/refpolicy/policy/modules/services/ssh.te
+++ b/refpolicy/policy/modules/services/ssh.te
@@ -31,6 +31,9 @@ files_type(sshd_key_t)
 ifdef(`targeted_policy',`
 	unconfined_alias_domain(sshd_t)
 	init_system_domain(sshd_t,sshd_exec_t)
+
+	type sshd_var_run_t;
+	files_type(sshd_var_run_t)
 ',`
 	# Type for the ssh-agent executable.
 	type ssh_agent_exec_t;